package com.jd.risk.bankorder.service.privilege.authority;

import javax.annotation.Resource;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;

import com.jd.risk.bankorder.entity.privilege.User;
import com.jd.risk.bankorder.service.privilege.ResourceService;
import com.jd.risk.bankorder.service.privilege.RoleService;
import com.jd.risk.bankorder.service.privilege.UserService;

public class UserRealm  extends AuthorizingRealm{
	
	@Resource
	private UserService userService;
	
	@Resource
	private RoleService roleService;
	
	@Resource
	private ResourceService resourceService;
	
	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
		String username = (String) principalCollection.getPrimaryPrincipal();
		User user = userService.findByUsername(username);
		SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
		authorizationInfo.setRoles(roleService.getRoleStrByRoleIds(user.getRoleIds()));
		authorizationInfo.setStringPermissions(resourceService.getResourceStrByRoleIds(user.getRoleIds()));
		return authorizationInfo;
	}

	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(
			AuthenticationToken token) throws AuthenticationException {
		
		String username = (String) token.getPrincipal();
		User user = userService.findByUsername(username);
		if(null == user)
		{
			throw new UnknownAccountException();
		}
		ByteSource  credentialsSalt  = ByteSource.Util.bytes(user.getCredentialsSalt());
		SimpleAuthenticationInfo  authenticationInfo = 
				new SimpleAuthenticationInfo(
				user.getUsername(),user.getPassword() ,credentialsSalt,getName());
		
		return authenticationInfo;
	}

//	@Override
//	protected void assertCredentialsMatch(AuthenticationToken token,
//			AuthenticationInfo info)  {
//		System.out.println("权限管理的 登陆token是："+token.toString() );
//	}

	@Override
    public void clearCachedAuthorizationInfo(PrincipalCollection principals) {
        super.clearCachedAuthorizationInfo(principals);
    }

    @Override
    public void clearCachedAuthenticationInfo(PrincipalCollection principals) {
        super.clearCachedAuthenticationInfo(principals);
    }

    @Override
    public void clearCache(PrincipalCollection principals) {
        super.clearCache(principals);
    }

    public void clearAllCachedAuthorizationInfo() {
        getAuthorizationCache().clear();
    }

    public void clearAllCachedAuthenticationInfo() {
        getAuthenticationCache().clear();
    }

    public void clearAllCache() {
        clearAllCachedAuthenticationInfo();
        clearAllCachedAuthorizationInfo();
    }
	
}
